Send your good work in the knowledge base is simple. Use the form below

Good work to site">

Students, graduate students, young scientists who use the knowledge base in their studies and work will be very grateful to you.

Posted on http://allbest.ru

federal state budgetary educational institution higher education

"Tambovskiy State University named after G.R. Derzhavin"

cloudy electronic signature: advantages, disadvantages and ways of development

Kirillova Vladlena Olegovna

specialist of the educational and methodological department

Introduction

Together with active informatization of all spheres of life modern society the transition to cloud computing and services is being implemented.

Public services already function in cloud services due to their high performance for mass use by citizens. cloud signature security login banking

The transfer of workflow to cloud storage is also relevant for a small dynamically developing business.

In the process of such a transfer, the question of security and expediency of using a cloud signature arises.

Cloud signature can be actively used in such areas as:

Internet banking or mobile banking systems that require the use of a qualified electronic signature;

portals of public services, electronic reporting systems;

e-commerce systems;

systems electronic document management.

Relevance. An electronic signature in the cloud (cloud electronic signature) is a computing system that provides access via a network to the possibilities of creating, verifying ES and integrating these functions into business processes of other systems.

A cloud-based electronic signature has all the properties of an electronic signature, only it is stored not on a token or computer, but on the Internet - on a specialized secure server, in the cloud.

Cloud ES implies that your ES private key is stored on the server of the certification center, and the signing of documents takes place there. On the one hand, the fact that the key and the signing of documents occur on the server side reduces the cost of the entire ES system, on the other hand, the key is private and should be kept only by its owner, which creates a lot of questions about the security of this service.

Goals, objectives, materials and methods. The purpose of this work is to analyze scientific publications and legislation in the field of electronic signature and its subspecies - cloud electronic signature.

The implementation of this goal is carried out by solving the following tasks:

Conduct an analysis of scientific and educational literature on the topic "Cloud electronic signature";

To study various approaches to solving the inalienability of the user's electronic signature key;

Consider in more detail such developments as "Digital Signature Server" and "Hardware Security Module".

Research methods:

Analysis of documents, federal laws;

Data analysis of periodicals, educational literature, practical aids.

Scientific novelty. The novelty of this work lies in the concept of cloud signature, which is new for the IT industry of the Russian Federation. Cloud signature has its advantages and disadvantages.

Cloud ES is usually cheaper than regular ES, this is due to the absence of the need to purchase a cryptographic information protection tool and a token with a certificate.

For people far from information technology, the ease of use of a cloud signature is important: there is no need to install an ES certificate and special tools for working with it on the workstation. You can work with cloud ES from anywhere in the world, from any device with an Internet connection.

However, there are also disadvantages, such as transferring and storing the key on the server.

The servers are securely protected, but the fact of violation of the confidentiality of the key and its alienation from the owner makes the cloud ES unqualified, i.e. not confirmed by a certificate issued by an accredited certification authority.

Orientation of cloud ES to one specific system, i.e. a cloud ES service created for one information system, as a rule, is not applicable to another. In other words, the user is burdened with the need to have a signing key for each of the systems.

Presentation of the main material

The cloud signature in today's understanding belongs to the category of enhanced unqualified signature. Most of the tasks performed by it correspond to the concept legally enshrined as an enhanced signature. But at the same time, this signature is not certified by the FSB as a regulator responsible for the security of signatures based on cryptographic methods. Currently, the document signing scheme in the cloud looks like this: documents are signed on the DSS (Digital Signature Server) server using keys stored in the HSM (Hardware Security Module). At the same time, user access to HSM is based on the use, as a rule, of non-cryptographic authentication systems, such as:

* classic one-factor authentication by login and password;

* Two-factor authentication with additional input of a one-time password delivered to the user via SMS (OTP-via-SMS).

The main problem - the identification of the user's identity - is preserved for the cloud signature. Going to the cloud service, a person uses a login-password. This, of course, is not enough. You need to know exactly who logged in under this login-password. You can use your fingerprint by sending it over an unencrypted connection to a server. The key factor will remain "an unencrypted connection", because we do not have a means of cryptographic information protection.

In this case, one of the main purposes of EP is leveled? reliable cryptographic way to determine the author electronic document. Such an approach can be justified only for inter-corporate electronic document management systems in which a DSS/HSM-based solution is implemented at the level of participating corporations. In this case, outgoing documents in common system are processed according to the usual rules, and the storage of keys in a secure cloud is implemented for the convenience of employees.

Federal Law No. 63-FZ of 06-04-2011 "On Electronic Signature" establishes that electronic signature tools that have received confirmation of compliance with the requirements of this law, that is, certified for compliance with the requirements of 63-FZ, must be used to create and verify a qualified electronic signature at the regulator. Easier verification, control of the embedding of cryptographic information protection into a specific information system, where a cloud-based electronic signature is used, may not be enough.

Currently, companies developing information security tools are concerned about increasing the security of user authentication when confirming the signing of a cloud ES document and encrypting data when transmitted over the Internet. CRYPTO-PRO and SafeTech companies presented a joint development of CryptoPro myDSS based on the CryptoPro DSS cloud electronic signature (ES) software and hardware system and the PayControl electronic transaction confirmation system.

However, at the moment the solution is being certified by the FSB of Russia, and the signature is qualified only, according to the developers. Kontur.Diadoc also offers a qualified enhanced cloud-based ES with a relatively low cost and authentication via login + password and SMS with a one-time password. The certificate of the FSB of Russia was not found on the site. Thus, the security of use is directly related to access to the user's phone. Today, this risk is gradually decreasing, as the installation of a primitive password protection on the phone is an increasingly common practice among users.

Conclusion, results, conclusions

The use of a cloud signature is one of the steps in the development of the latest information technologies, our approach to a convenient digital future. However, there is still work to be done in this area.

State guarantees are required in the form of a certificate of compliance with the information security requirements of cloud electronic signature tools. It is expedient to develop and implement a standard for the use of a cloud-based electronic signature.

Bibliographic list

1. the federal law"On the electronic signature" dated 06.04.2011 N 63-FZ ( latest edition) [Electronic resource]. - Access mode: http://www.consultant.ru/document/cons_doc_LAW_112701/ (date of access: 06/07/2017)

2. Cloud signature: convergence of practice and legislation [Electronic resource]. - Access mode: http://roseu.org/article/32 (date of access: 06/07/2017)

3. CryptoPro myDSS [Electronic resource]. - Access mode: https://www.cryptopro.ru/products/mydss (date of access: 06/07/2017)

4. What is a cloud electronic signature? [Electronic resource]. - Access mode: http://www.diadoc.ru/lp-instruction (date of access: 06/07/2017)

annotation

UDC 004.056.53

Cloud electronic signature: advantages, disadvantages and ways of development. Kirillova Vladlena Olegovna, specialist of the educational and methodological department. Federal State Budgetary Educational Institution of Higher Education “Tambov State University named after G.R. Derzhavin"

The article deals with the problem of using a cloud-based electronic signature from the point of view of legality and security. Various approaches to studying the problem are highlighted, examples of Russian developments are given.

Keywords: electronic signature, cloud, security, Information Technology, cloud technologies

Abstract

Cloud electronic signature: advantages, disadvantages and ways of development. Kirillova Vladlena Olegovna, a specialist in the teaching and methodical department. Federal State Budget Educational Institution of Higher Education "Tambov State University named G.R. Derzhavin"

The article discusses the problem of using cloud electronic signature from the point of view of legality and security. Various approaches to the study of the problem are highlighted, examples of Russian developments are given.

keywords: electronic signature, cloud, security, Information Technology, cloud technologies

Hosted on Allbest.ru

Similar Documents

Law "On Electronic Signature". Definition, application technologies and principles of electronic signature formation. Standard cryptographic algorithms. The concept of a signature key certificate and verification of its authenticity. Electronic document management systems.

presentation, added 01/19/2014


Appointment of an electronic digital signature. Using hash functions. Symmetric and asymmetric scheme. Types of asymmetric electronic signature algorithms. Generating a private key and obtaining a certificate. Features of electronic document management.

abstract, added 12/20/2011


Scheme of formation of an electronic digital signature, its types, construction methods and functions. Attacks on the electronic digital signature and legal regulation in Russia. Tools for working with electronic digital signature, the most famous packages and their advantages.

abstract, added 09/13/2011


General scheme digital signature. Features of a cryptographic system with a public key, stages of encryption. The main functions of the electronic digital signature, its advantages and disadvantages. EDS key management. Use of EDS in Russia and other countries.

term paper, added 02/27/2011


Legal regulation relations in the field of using electronic digital signature. The concept and essence of an electronic digital signature as an electronic analogue of a handwritten signature, the conditions for its use. Features and functions of an electronic document.

test, added 09/30/2013


Purpose and application of electronic digital signature, history of its occurrence and main features. Types of electronic signatures in Russian Federation. List of electronic signature algorithms. Signature forgery, public and private key management.

term paper, added 12/13/2012


Organizational and legal support of electronic digital signature. Law "On Electronic Digital Signature". EDS functioning: public and private keys, signature generation and message sending. Verification (verification) and scope of EDS.

term paper, added 12/14/2011


The concept, the history of the creation of an electronic digital signature. Its varieties and scope. The use of EDS in Russia and other countries, its algorithms and key management. Ways to fake it. Attack models and their possible results. social attacks.

abstract, added 12/15/2013


general characteristics electronic signature, its features and components, basic principles and benefits of application. Use of electronic digital signature in Russia and abroad. Legal recognition of its validity. EDS verification key certificate.

term paper, added 12/11/2014


Electronic digital signature: concept, components, purpose and advantages of its use. The use of EDS in the world. Legal bases and features of use of the EDS in Ukraine. A function to calculate a signature based on a document and a secret key.

Electronic reporting in Russia appeared about 10 years ago. Over the past period, accountants have had many opportunities to evaluate its benefits. Every year, the number of companies reporting to in electronic format increases exponentially. To date, electronic reporting is evidence of the effective work of the company and an indicator of the level of qualification of an accountant. But if the assurance of reports with an electronic signature has become customary for Russian companies, then the use of a cloud-based electronic signature is a relative rarity.

Let's compare the possibilities of using a "traditional" and cloud-based electronic signature in several ways: the need for software, the security of data transfer, and the cost.

A traditional electronic signature requires the installation of a special program. At the same time, it will be possible to certify reports with an electronic signature only on the computer where the necessary software is installed. In addition, in Russian reality, situations often arise when an electronic signature key conflicts with an Internet banking key. In such a situation, the company is forced to use a dedicated computer to send electronic reporting. Traditional electronic signature software, like any software, requires periodic updates and maintenance costs.

The need to eliminate these deficiencies and the possibilities of high technologies made it possible to create a cloud-based electronic signature. Unlike traditional ES, cloud-based - does not require installation of software and cryptography on a computer. The certification center issues an electronic signature and places it in its certified secure cell (cloud). Only the owner of the signature has access to this cell using sms, which comes to mobile phone. Since all information about access to a cloud-based electronic signature is stored on a cloud server in a certification center, an accountant can sign and send electronic reports from any computer, tablet, smartphone or even a mobile phone with Internet access. The undoubted advantage of a cloud-based electronic signature is the absence of costs for the purchase of software, its support and updating. This technology is also used in many Internet banks.

Despite the fact that a cloud-based electronic signature is still a fairly new concept for Russian accounting, successful experience in implementing new technologies has already been accumulated. First on Russian market implemented a cloud-based electronic signature using one-time passwords via sms Internet accounting "My business", together with the certification center "Kaluga Astral". To date, more than 100 thousand accounting reports have already been submitted using cloud-based ES.

“For two years of work, more than one thousand organizations have used the service, which have appreciated its convenience, accessibility and user-friendliness,” says Igor Chernin, Director of Kaluga Astral. “The service has increased the attractiveness electronic way submission of reports for small enterprises and individual entrepreneurs. Technical solutions in the field of platform development and in the field of using the "cloud" ES, which were implemented as part of the service, formed the basis of many similar products currently on the market."

Other market participants also appreciated the benefits of clouds. For example, the company CRYPTO-PRO, which occupies a leading position in the distribution of cryptographic information protection and electronic digital signature, has created a new hardware and software cryptographic module "CryptoPro HSM". Although this service is not yet used for reporting, there is already a movement and there is hope that in a couple of years it will be possible to forget about the traditional electronic signature in those places where there is no absolute need for it.

As you know, the task of an electronic signature is to simplify the workflow. According to the 2011 law "On Electronic Signature", a digital document that is signed by an ES is equated to a paper document with a hand-made autograph.

“A “cloud” electronic signature has all the properties of a regular one, only it is stored not on a flash drive or computer, but on the Internet - on a special secure server, “in the cloud,” says Igor Chepkasov, founder and president of the National Cryptocurrency Development Fund. The signing and encryption of the document also takes place there, therefore such an electronic signature does not require the installation of special software on the computer. The expert notes that one of the advantages of the "cloud" signature is the ability to sign documents (including reporting) and send them from anywhere in the world and from any device.

Anton Elikov (Merkat project) notes that an electronic signature “in the cloud” is something that many of us use every day without even noticing. “The most striking example is the authorization mechanism in mobile and Internet banks, when, after entering a password, you are sent a one-time PIN code via SMS. Such a two-level authorization, in essence, can already be an electronic signature, ”says the expert.

Why do you need e-mail. Sergey Kazakov, expert in the field information security of the SKB Kontur company, recalls that with the help of ES, companies submit reports to the tax and other regulatory authorities, and conduct electronic document management. Digital signature is also widely used in the field public procurement. “According to our estimates, the total number of electronic signature users in Russia exceeds two million,” the expert notes. “The technology of “cloud” electronic signature, which appeared several years ago, makes this tool more accessible for business. This is confirmed by several tens of thousands of SKB Kontur customers who have made a choice in its favor,” says Mr. Kazakov.

note

While experts are talking about the spread of "cloud" ES, there is one problem - the issues of its application are not spelled out in regulations.

As Aleksey Dashkov, head of information security at System Software, notes, an ES performs the same function as a stamped signature. “It ensures the authenticity of the document and consists of a closed and public key. The document is signed using a private key, which is usually stored on a special medium - a token. You can purchase the service from a number of companies providing such services, no special requirements, except for the availability of a standard kit constituent documents not required,” he says.

“The “cloud” electronic signature is a regular electronic signature, but with one difference: the private key is stored on the servers of the certification center, and the signing of documents is carried out there. The signer's identity is usually verified by sending an SMS with a code to a mobile phone,” explains Mr. Dashkov.

Issue price

Igor Chepkasov said that the cost of an EP depends on its functionality and scope and ranges from 1,000 to 15,000 rubles. “At least, I personally met such prices when I needed an EP for work. A “cloud” electronic signature in some companies I know costs 3,000 rubles,” the expert shares.

The cost of a "cloud" signature varies for different operating companies. You can find an offer for 900 rubles a year. However, do not unconditionally believe advertising promises. We advise you to familiarize yourself with the price list for the "cloud" signature in detail and find out what is included in the price, and only after that make a decision on its purchase.

“The cost of a “cloud” electronic signature is usually included in the tariff of the service that the client buys. The only SKB Kontur service that sells it separately is the Diadok electronic document management system. In it, it is 900 rubles. At the same time, a regular certificate on a carrier with a license on a cryptographic information protection tool (CIPF) will cost 3,000 rubles, ”says Sergey Kazakov.

How does it work?

The technology is based on a specialized electronic signature server located "in the cloud". “If the user needs, for example, to send a report to tax office, its accounting system interacts with the electronic signature server and sends it a document to be signed. The electronic signature server is obliged to request permission from the user - this can be done by sending the transaction confirmation code to his mobile phone, as in the Internet bank, ”says Sergey Kazakov. By entering the confirmation code in the accounting system, the user authorizes access to the ES key, and a signature is created for the document. “All electronic signature keys are stored in encrypted form on a specialized device that meets the most stringent security requirements. The operator of the electronic signature server must take all measures to minimize the risk of unauthorized access to the keys,” says Mr. Kazakov.

In order to use a "classic" electronic signature, you need to purchase a token and specialized software - a cryptographic provider. “This is a significant expense, especially for start-up entrepreneurs. Then this software needs to be installed and configured, and if you are going to use the signature on several workstations - for each place separately. A “cloud” electronic signature does not require the purchase of software and pre-configuration, it cannot be lost or forgotten,” says Mr. Kazakov. Unlike traditional technologies, the "cloud" signature is available to users on any operating system and platform, including mobile devices.

Alexey Dashkov notes that "cloud" ES are popular with small companies or individual entrepreneurs actively using services “such as online accounting and online document management”. IN large organizations who do not use "clouds", the use of such a signature, according to him, may be more expensive and more difficult than the use of a conventional ES.

What are the prospects?

According to Anton Elikov, the entire transport industry in Russia is waiting for the spread of the use of "cloud" electronic signatures. “One has only to imagine a situation when a forwarding driver goes on a flight not with a bundle of papers, but with a tablet. And right at the place of shipment, he signs a consignment note with the client! But the “cloud” electronic signature could bring the main benefit in the case when the delivery document differs from the actually shipped volume of products (resorting, breakage during transportation),” he notes. According to Mr. Elikov, such cases in practice sometimes happen up to 40 percent. “And all these documents are now sent on a long journey of interaction between the accounting departments on the part of the supplier and the buyer. Although the issue of discrepancies could be settled right at the place of shipment, and the fact of the change would be confirmed by a “cloud” signature,” the expert concludes.

Igor Chepkasov says that at present there are already completely new developments using Blockchain technology, namely smart contracts. “Decentralization, the fundamental principle of the technology, provides absolute protection against compromise and unauthorized access to any document and the signature itself, since each such block element (signature, document, archive, etc.) is located in a strong chain of numbered blocks protected by the most complex cryptographic code,” he says. According to Mr. Chepkasov, it is impossible to make changes to a block already put into circulation; a smart contract is an electronic algorithm that describes a set of conditions, the fulfillment of which entails certain events. “His work is based on the creation and application of so-called low-trust protocols, where the protocol algorithm uses only software, and the human factor is excluded from the decision-making chain as much as possible - a person here acts exclusively in ro-and one of the parties involved in the implementation of the contract. For example, when sending payments, the execution of a contract is impossible without receiving the number of electronic signatures specified in the contract,” he notes.

In the meantime, while experts talk about the spread of the practice of using a "cloud" electronic signature and talk about the possibilities for developing technologies, there is one problem. It is connected with the fact that today the issues of applying such an ES are not properly spelled out in the regulations. But soon, namely, in the III quarter of 2016, Russians will have the legal opportunity to use an electronic signature without a material carrier - a USB flash drive or a SIM card. Such a norm is contained in the "road maps" for the program for the development of the Internet in Russia, which the Internet Development Institute prepared for the President of the Russian Federation. So we can expect that companies will soon stop being afraid of "cloud" technologies and begin to use such an electronic signature more actively in their work.

(EP) in the cloud. Basically, this topic is discussed by IT-specialists. However, with the development of electronic document management services (EDF), subject specialists - accountants, secretaries, and others - began to get involved in the topic of cloud ES.

Let me explain, a cloud-based electronic signature implies that your private ES is stored on the server and the signing of documents takes place there. This is accompanied by the conclusion of relevant contracts and powers of attorney. And the actual confirmation of the signer's identity occurs, as a rule, using SMS authorization.

The need to use cloud ES by an accountant depends on the mode in which he works. If you are often away from the office, or, for example, work for a company that provides accounting services (accounting outsourcing), then cloud-based ES will help you sign documents from anywhere. It does not need to install any additional However, despite the ease of use, not all companies are ready to use this feature.

So that you can choose for yourself whether you need a cloud-based electronic signature or not, we will consider all the pros and cons of using it. And also think about who might really need such a signature. By the way, in this article we will only talk about enhanced (hereinafter - UKEP).

Behind

Cloud electronic signature is cheaper than usual. This is mainly due to the fact that you do not need to purchase a cryptographic information protection tool (CIPF) and a token (flash drive with a certificate). As a rule, taking into account their acquisition, the price of the product takes off by 2-2.5 times.

Convenience and ease of use. To work with a cloud-based electronic signature, you do not need to install either the electronic signature certificate itself or special tools for working with it. This means that you will not waste time figuring out how it all works.

Mobility. Currently common and free solutions for using a non-cloud electronic signature on mobile devices is not yet available. In this regard, a huge advantage of a cloud-based electronic signature is that you can work with it from any computer, tablet, smartphone with Internet access.

Against

You do not physically sign the document. You need to understand that in the case of a cloud-based electronic signature, the private part of the key, which is confidential and should belong only to you, will be located on the server of the certification center. Of course, this will be documented, and the servers themselves are securely protected. But here it all depends on the company's security requirements and on the documents associated with signing. If it is important for you that the owners of the private keys themselves sign the documents, then a cloud-based electronic signature will not suit you. In this situation, it is up to you to decide how much you trust the CA and the servers that store the private keys.

You can use cloud-based ES only in those services with which there is integration of the certification center software. This is also due to the fact that in the case of cloud ES, the private key is stored on the CA server. In order for the service you need to be able to use such a private ES key for signing, it needs to be able to send a request for generating an electronic signature to the CA server. It is clear that at the moment there are a lot of services and all of them will not be able to provide integration with software UC. It turns out that you will have to use cloud ES only with certain services. To work with other services, you will have to buy another ES certificate, and there is no way that these services will support any kind of cloud-based electronic signature.

And what?

Cloud electronic signature is a convenient, mobile and simple tool, but not the most flexible. And in terms of security, perhaps storing the private key on a secure server would be better than keeping a token in a drawer.

Who really needs an electronic signature? First of all, those who often work outside their office in the office. For example, auditors who often visit clients. Or and for whom it is important to sign documents anywhere. For them, a cloud-based electronic signature will become an indispensable assistant in their work.

Also, a lot depends on the policy of the company. If an organization moves towards cloud technologies, for example, in terms of storing documents, using services for internal and external document management, then electronic signatures will most likely also be cloud-based. Otherwise, accountants, clerks and other employees who usually do not leave their office during work do not need a cloud-based electronic signature. They can purchase an ES private key and an ES certificate in the usual mode, on a carrier that can be used in most services for exchange with counterparties and government agencies.

Only crypto keys issued with CryptoPro CIPF can be transferred to the cloud.

The transfer is carried out in 2 stages, they are described below.

Checking the EDS for compliance with the requirements

Open the CryptoPro CSP cryptographic information protection tool (CIPF) control panel ("Start" - "Control Panel" - "CryptoPro CSP") as administrator ("General" tab - "Run as administrator") and go to the "Hardware" tab (Picture 1).

Figure 1 - Readers setup

Click the button Set up readers... ". The USB flash drive and floppy disk reader is installed by default when installing the CryptoPro CSP. Check that on the “Readers” tab there is an item “ All removable drives". If the item "All removable drives" is missing, it must be added through the button " Add…” (Figure 2).



Figure 2 - Managing readers

Make sure a blank USB flash drive is connected and accessible.


Go to the "Service" tab and click the " Copy».




Figure 3 - Tab "Service" button "Copy"


The Copy Private Key Container window opens.

1. In the "" window (Figure 3), fill in the "Key container name" field. It can be found in the container lists (button " Overview”) or certificates (button “ According to the certificate»).

After the key container is found, click the " Further". If a password is set for access to the private key, it will be requested.

Enter your password and click the " OK". A window for entering the parameters of the new private key container will open (Figure 4).




Figure 4 - Window for entering parameters of a new private key container

The window " Copying the private key container» (Figure 5).




Figure 5 - Window "Copy private key container"

Enter the name of the new key container and check the radio button " The entered name specifies the key container» to position « User».


Click the Done button. A window will open in which you need to select a USB flash drive to place the copied container (Figure 6).





Figure 6 - Media selection window

Click the button OK". A window for creating a password for access to the private key container will open (Figure 7).





Figure 7 - Password entry window

At this step, you should create a password for the new private key container and confirm it. This password will protect the digital signature, you will need to enter it each time you access it. After entering the required data, click the "OK" button. The cryptographic information protection tool (CIPF) "CryptoPro CSP" will copy the container of the private key to the USB flash drive.


To copy open EDS key launch the Internet Explorer settings panel (" Start» – « Control Panel» – « Browser Properties» (Figure 8)) and go to the tab « Content» (Figure 9).


Figure 8 - " Control Panel» – « Browser Properties»





Figure 9 - " Browser Properties» - « Content» - « Certificates»;

On the Contents tab, click on the Certificates button. In the "Certificates" window, select the EDS certificate associated with the private key and click the "Export ..." button (Figure 10).




Figure 10 - Equipment "Certificates"

The window " Certificate Export Wizard» (Figure 11).




Figure 11 - Certificate Export Wizard

In the Certificate Export Wizard window that opens, click the " Further". In the next step, opt out of exporting the private key by checking the " No, do not export the private key” (Figure 12) and click the “Next” button.




Figure 12 - Selecting the type of keys for export

In the next step, select the EDS certificate file format by selecting the radio button in the "DER-encoded X.509 (.CER) files" field, and click the " Further» (Figure 13).





Figure 13 - Selecting the EDS certificate file format

At the final stage, specify the name and location of the file and click the " Further". At the last step of the wizard, check the selected options and click the " Ready» (Figures 14 and 15).




Figure 14 - Specifying the save path and the name of the certificate




Figure 15 - Saving the EDS certificate

The files obtained as a result of the above manipulations should be placed in a folder and copied to the cloud along the path " W:\EDS". This the folder is accessible only to the main user.

The result should be something like the following "W: \ EDS \ LLC Test" (Figure 16).




Figure 16 - EDS copied to the cloud.

The installation is carried out by information security specialists, they work on weekdays from 9 to 18 Moscow time. The application should indicate the name of the folder in which you saved the EDS.

If your keys are issued using the VipNet CIPF, then they will not work on the terminal farm (via Remote Desktop or RemoteApp). In this case, work can be done on a local PC using a thin client, more about installing and working in .

If the option of working in a thin client does not suit you, then the EDS should be reissued through CryptoPro, to approve the application for reissuing the certificate, you should contact your service organization.